Microsoft Releases Security Advisory for Vulnerability in TrueType Font Parsing
Original release date: November 4, 2011 at 8:27 am
Last revised: December 15, 2011 at 9:44 am
Microsoft has released Microsoft Security Advisory 2639658 to address
a vulnerability in the Win32k TrueType font parsing engine. By
convincing a user to open a malicious email attachment, an attacker
may be able to exploit this vulnerability and execute arbitrary code.
Microsoft has indicated that it is aware of targeted attacks
exploiting this vulnerability. The Duqu malware may exploit this
vulnerability.
UPDATE: Microsoft has provided an update to address this vulnerability
in Microsoft Security Bulletin MS11-087.
US-CERT encourages users and administrators to take the following
actions to help mitigate the risks of this vulnerability and the Duqu
malware:
* Review Microsoft Security Advisory 2639658 and apply the patch
provided in Microsoft Security Bulletin MS11-087.
* Use caution when opening attachments in email messages.
* Maintain up-to-date antivirus software.
Relevant Url(s):
<http://technet.microsoft.com/en-us/security/advisory/2639658>
<http://technet.microsoft.com/en-us/security/bulletin/ms11-087>